public async Task <ActionResult> SelectTwoStepSetup() { EditModel model = new EditModel(); Manager.NeedUser(); using (UserDefinitionDataProvider userDP = new UserDefinitionDataProvider()) { UserDefinition user = await userDP.GetItemByUserIdAsync(Manager.UserId); if (user == null) { throw new InternalError("User with id {0} not found", Manager.UserId); } using (UserLoginInfoDataProvider logInfoDP = new UserLoginInfoDataProvider()) { string ext = await logInfoDP.GetExternalLoginProviderAsync(Manager.UserId); if (ext != null) { return(View("ShowMessage", this.__ResStr("extUser", "Your account uses a {0} account - Two-step authentication must be set up using your {0} account.", ext), UseAreaViewName: false)); } } TwoStepAuth twoStep = new TwoStepAuth(); List <ITwoStepAuth> list = await twoStep.GetTwoStepAuthProcessorsAsync(); List <string> procs = (from p in list select p.Name).ToList(); List <string> enabledTwoStepAuths = (from e in user.EnabledTwoStepAuthentications select e.Name).ToList(); foreach (string proc in procs) { ITwoStepAuth auth = await twoStep.GetTwoStepAuthProcessorByNameAsync(proc); if (auth != null) { ModuleAction action = await auth.GetSetupActionAsync(); if (action != null) { string status; if (enabledTwoStepAuths.Contains(auth.Name)) { status = this.__ResStr("enabled", "(Enabled)"); } else { status = this.__ResStr("notEnabled", "(Not Enabled)"); } model.AuthMethods.Add(new Controllers.SelectTwoStepSetupModuleController.EditModel.AuthMethod { Action = action, Status = status, Description = auth.GetDescription() }); } } } model.AuthMethods = (from a in model.AuthMethods orderby a.Action.LinkText select a).ToList(); } return(View(model)); }
public async Task <ActionResult> UserPassword() { if (!Manager.CurrentContext.User.Identity.IsAuthenticated) { throw new Error(this.__ResStr("noUser", "There is no logged on user")); } string userName = User.Identity.Name; using (UserLoginInfoDataProvider logInfoDP = new UserLoginInfoDataProvider()) { string ext = await logInfoDP.GetExternalLoginProviderAsync(Manager.UserId); if (ext != null) { return(View("ShowMessage", this.__ResStr("extUser", "Your account uses a {0} account - The password must be changed using your {0} account.", ext), UseAreaViewName: false)); } } UserManager <UserDefinition> userManager = Managers.GetUserManager(); UserDefinition user = await userManager.FindByNameAsync(userName); if (user == null) { throw new Error(this.__ResStr("notFound", "User \"{0}\" not found."), userName); } EditModel model = new EditModel { }; model.SetData(user); using (LoginConfigDataProvider logConfigDP = new LoginConfigDataProvider()) { model.PasswordRules = Module.ShowPasswordRules ? logConfigDP.PasswordRules : null; } return(View(model)); }
public async Task <ActionResult> UserPassword_Partial(EditModel model) { // get current user we're changing if (!Manager.CurrentContext.User.Identity.IsAuthenticated) { throw new Error(this.__ResStr("noUser", "There is no logged on user")); } string userName = User.Identity.Name; using (UserLoginInfoDataProvider logInfoDP = new UserLoginInfoDataProvider()) { string ext = await logInfoDP.GetExternalLoginProviderAsync(Manager.UserId); if (ext != null) { throw new Error(this.__ResStr("extUserPswd", "This account can only be accessed using an external login provider")); } } UserManager <UserDefinition> userManager = Managers.GetUserManager(); UserDefinition user = await userManager.FindByNameAsync(userName); if (user == null) { throw new Error(this.__ResStr("notFound", "User \"{0}\" not found."), userName); } model.SetData(user); if (Module.ShowPasswordRules) { using (LoginConfigDataProvider logConfigDP = new LoginConfigDataProvider()) { model.PasswordRules = logConfigDP.PasswordRules; } } if (!ModelState.IsValid) { return(PartialView(model)); } // change the password IPasswordValidator <UserDefinition> passVal = (IPasswordValidator <UserDefinition>)YetaWFManager.ServiceProvider.GetService(typeof(IPasswordValidator <UserDefinition>)); IdentityResult result = await passVal.ValidateAsync(userManager, user, model.NewPassword); if (!result.Succeeded) { foreach (var err in result.Errors) { ModelState.AddModelError(nameof(model.NewPassword), err.Description); } return(PartialView(model)); } result = await userManager.ChangePasswordAsync(user, model.OldPassword ?? "", model.NewPassword); if (!result.Succeeded) { foreach (var err in result.Errors) { ModelState.AddModelError(nameof(model.OldPassword), err.Description); } return(PartialView(model)); } IPasswordHasher <UserDefinition> passwordHasher = (IPasswordHasher <UserDefinition>)YetaWFManager.ServiceProvider.GetService(typeof(IPasswordHasher <UserDefinition>)); user.PasswordHash = passwordHasher.HashPassword(user, model.NewPassword); // update user info LoginConfigData config = await LoginConfigDataProvider.GetConfigAsync(); user.LastPasswordChangedDate = DateTime.UtcNow; user.PasswordChangeIP = Manager.UserHostAddress; bool forceReload = false; if (user.NeedsNewPassword) { forceReload = true; // we need to reload the page to get rid of the warning from NeedPasswordDisplay } user.NeedsNewPassword = false; user.PasswordPlainText = config.SavePlainTextPassword ? model.NewPassword : null; user.ResetKey = null; user.ResetValidUntil = null; // finally update the user definition result = await userManager.UpdateAsync(user); if (!result.Succeeded) { throw new Error(string.Join(" - ", (from e in result.Errors select e.Description))); } // logoff/logon for any side effects in identity (like SecurityStamp update/cookies) await LoginModuleController.UserLoginAsync(user); return(FormProcessed(model, this.__ResStr("okSaved", "Your new password has been saved"), ForceRedirect: forceReload)); }